Keeping the powerful credentials where the agent can't reach them does buy you a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		__MatrixMan__ 4 months ago \| parent \| context \| favorite \| on: We put a coding agent in a while loop Keeping the powerful credentials where the agent can't reach them does buy you a bit of safety. But I still think its a bit loose when compared with exposing an API to the model which can only do what you intend for that model to do.

dhorthy 4 months ago [–]

sure fair enough. I guess i'm mostly being pragmatic here.

Plus i'm not convinced that generating "kubectl"...json..."get"...json..."pod"... is easier for most models than "bash"...json..."kubectl get pod"...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact